<?php
require "../config/class.mysql.php";
$Mysql = new Mysql();

session_start();


// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=md5($_POST['mypassword']);

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$result = $Mysql->getWhere('members', '*', array('username',$myusername));

if(count($result)==1 && $result[0]['password']== $mypassword){

// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION["myusername"] = 1;
header("location:index.php");
}
else {
echo "Usuario o contraseña erroneo.";
}

?>
